The EU General Data Protection Regulation (GDPR) caused consternation in organizations worldwide, before and after the new law came into effect on May 25, last year.
The introduction of the GDPR came with many misunderstanding of the high-level and often vague obligations, and principles. The impact of the GDPR on eDiscovery, answering regulatory requests, (internal) investigations and related disclosure of information is a challenge for many organizations. Research shows the majority of organizations are still having difficulty complying with a critical part of it.
Since its enforcement, data protection agencies in Europe have issued almost €60m in fines for GDPR breaches. There have been serious actions in the U.K., Austria, Portugal and Germany. The first major GDPR-case came in the form of a French enforcement action against Google, with a €50-million penalty for improperly disclosing to users how data is collected.
The European Data Protection Board (EDPB) reports that more than 206,326 GDPR-related cases have been reported in the 31 countries in the European Economic Area.
On the enforcement site, it is interesting to note, that the average amount of the fines issued, is much lower than the maximum fines specified in the regulation (€10 million or 2 percent of an organization’s total worldwide annual turnover).
However, watchdogs say they are just warming up. “2019 is just a transition year”, says the French regulator. Germany continues to come down hard on social media sites “If Facebook wants to keep operating in Germany, it has to make some changes”, regulators say. “We are growing sharp teeth,” claims the Dutch authorities.
And copycat legislation is coming. GDPR-kind legislation exists in Canada and other countries such as Brazil and Singapore are making serious plans. In the USA, California has passed a California Consumer Privacy Act (CCPA).
Time to take a closer look.
Join us in this exploration of one year GDPR. Learn from industry experts from what companies have done to be compliant; what is still considered to be the biggest bottleneck and what GDPR-related changes can be expected in the near future.
Get a detailed overview of existing and future privacy and data protection laws in the United States. Learn how our California customers prepare for the California Consumer Privacy Act (CCPA), which goes into effect January 1, 2020, and is considered the most ambiguous state privacy law in the USA.
Johannes C. Scholtes, Ph.D.
Chairman and Chief Strategy Officer
Johannes C. Scholtes, Ph.D. is Chairman and Chief Strategy Officer of ZyLAB. Scholtes, who was the company’s President and CEO from 1989 to 2009, shaped ZyLAB as an Information Management powerhouse across the globe. With his leadership and vision, ZyLAB is a partner for the United Nations War Crime Tribunals, FBI-Enron investigations, and the United States White House Executive Office of the President.
Before joining ZyLAB, Scholtes was a lieutenant in the intelligence department of the Royal Dutch Navy. Scholtes holds a Master of Science degree in Computer Science from Delft University of Technology and a Ph.D. in Computational Linguistics from the University of Amsterdam. As of 2008, he holds the Extraordinary Chair in Text Mining from the Department of Data Sciences and Knowledge Engineering in the Artificial Intelligence group at the University of Maastricht.
Mary Mack, CEDS
Mary Mack is a long-time industry expert with over 25 years of experience and leadership to her credit. Under her leadership, ACEDS furthers its commitment of building an international community of e-discovery practitioners for the exchange of training, certification, professional development and networking. Mack is known for her strength in relationship and community building, as well as for the depth of her e-discovery knowledge. Before joining ACEDS, Mary was the Enterprise Technology Counsel for ZyLAB, a global eDiscovery and Intelligent Information Governance software company focused on helping organizations insource eDiscovery to reduce legal spend and prevent privacy breaches and IP leakage. Prior to eDiscovery, Mary designed, coded, tested and maintained mission critical enterprise systems for banks, health insurers and pharmaceutical companies. Certified in eDiscovery, security, access and identity management, forensics and computer telephony, Mary is admitted to the Illinois bar and a graduate of Northwestern University School of Law. Mary is the author of A Process of Illumination: The Practical Guide to Electronic Discovery and the co-editor of Thomson Reuters West’s eDiscovery for Corporate Counsel.
Yodi S. Hailemariam
Yodi Hailemariam, CIPP-US, focuses her practice on U.S. and cross-border information governance, data privacy, cybersecurity, electronic discovery, legal analytics, artificial intelligence and the Internet of Things. Yodi has experience in a wide range of industries, including technology, health care, pharmaceuticals and life sciences, intellectual property, insurance and financial services. Yodi has extensive experience advising on cross-border data issues, particularly with respect to Asia and the European Union.